One Step Ahead: Almanac Security Tips

In each issue, Penn's Journal of Record, The Almanac publishes helpful tips and hints for dealing with information security and privacy matters. This page is a collection of all those published thus far.

New! You can now receive new One-Step-Ahead Security and Privacy Tips automatically!You can subscribe via Email or RSS.

Table of Contents

Tuesday, November 13, 2007 - Almanac Vol. 54, No. 12

Passwords, Passwords Everywhere

Though much progress has been made in recent years in providing more secure methods of gaining access to computing resources, the primary authentication method remains the combination of a username and password. Of course, as we continue to open new accounts on websites like amazon.com, do our banking online, and perform other useful but confidential work, the number of account names and passwords multiplies as well, and it’s difficult for the average human being to remember all of them.

“Password vault” programs are one solution to this problem. These programs are essentially a database for all your usernames, passwords, and other similarly sensitive information that is encrypted and protected by a single, strong “master” password of your choosing. Simply open the database with the master password to decrypt and look up the account info you need –- much safer than post-it notes on your monitor! If you are using Mac OS X, you already have one called Keychain. A Google search on “password vault” will yield a wide assortment of Windows-based vault programs, such as PowerKeeper (by Symark) and PasswordVault (by Lava Software), though you should compare features and check consumer ratings before buying.

A final caution: Don’t use the “Remember My Password” checkboxes often found on websites and in applications–they are risky for many reasons. If “password proliferation” is giving you a headache, a vault program is a much safer alternative.